Archive

If you want to send confidential content via email you have to think about quite a few things. Its not enough to secure the channel you have to also secure the content. And when I say secure the channel, you have to hope it is, because while a lot of email endpoints or MTAs are now setup with optimistic TLS, some are not, and you won’t really know until you’ve been hacked.

And of course your metadata isn’t encrypted, and this might be as revealing as your content in some cases. DMARC, SPF, DKIM and so on will help, or you could run a scan with a tool like SSL labs on the domain, or some of the available mail test services against a known MTA, but that might be beyond some. As for mobile, things vary from OS to OS, version to version and so on.

PGP is still your friend here, but if you have your tinfoil hat on as well you might want to get away from some of the global multi-function services that have interests in aspects of your behaviour, your traffic patterns, email relationships and their attitudes to law enforcement requests. So, here is a quick, off the cuff comparison of a couple of services: MailFence and ProtonMail. Tell me where I have my facts wrong if you spot something!

I need a good media player for on the go – in particular it needs a large buffer and robust retry. Standard Android media player library doesn’t seem to cut it. VLC on Android seems to use its own media library but it still cuts out and fails to reconnect at 70mph on the motorway. ExoPlayer might do it, but I need to test it out first. The ExoPlayer demo app is the starting point.

Install Android Studio v3. I have beta 6 – this is needed for ExoPlayer v2. You may also need to set the tmp location for studio if your tmp folder is a tmpfs location in fstab – studio is hungry. Set the tmp location in studio.sh

export _JAVA_OPTIONS=-Djava.io.tmpdir=/var/tmp

Set up the app in Studio by importing the ExoPlayer git directory. The demo app is referenced from the demo.iml.

Have some getting to know you time with Studio, break gradle and its plugin, start again

Edit the demo asset with the playlists and samples, but don’t edit it (i.e. cut it down) completely because there seem to be some code dependencies on certain parts of the structure of this file. [Explayer/demo/src/main/assets/media.exolist.json]

Have literally been roadtesting, while making some code changes. Exoplayer may or may not behave better than say VLC, but at least I have code and can try and make changes. So I have upped the number of retries and buffer settings using a LoadControl and passing this in a different constructor call for SimpleExoPlayer in the PlayerActivity. However, the 3G/HSDPA signal while on the road is still so choppy and unreliable that, according to LogCat, I am getting SocketTimeout exceptions. Buffers do not seem to be depleted, and at the current size equivalent to a 5 minute cache of the radio stream, I am wondering why I am getting cutouts so often. I don’t believe a buffer that size is being built up, or being depleted because sometimes when starting out playback begins in under a minute and is interrupted about a minute later. Need more info!

[16/10/17]

Playing with loadControl some more isn’t really going to help here. The root cause is the buffer or its consumption rate. It doesn’t seem to me to ever get to the point where it is allocated fully (e.g. if you set a minBuffer size of 1min, playback invariably starts before 1 min). And the DefaultLoadControl only comes with one other element – the Allocator – that can be used to manipulate the internals of ExoPlayerInternalImpl where all the work is happening. Tracing back the points where the player datastats are set so that the UI displays e.g. buffering points to a method shouldContinueLoading. This compares the min and max buffer to the current internal buffer size or allocation and continues if its somewhere in between. But the Allocator also has a minimum size that maintains a byte array for the buffer and that can be manipulated in the Allocator constructor. Doing this, I thought I had stumbled upon the answer because I got continuous playback on one part of my drive where I couldn’t before. Unfortunately, I got a socket exception after this. So back to square one? (I have tried another player and it has the same trouble).

Need a proxy in addition to OpenDNS for kids to provide some additional parental control.

1) Install webmin as per latest instructions. Webmin has “unused plugin” for squid3. Check it runs on http://localohost:10000. Edit /etc/webmin/config to allow for unknown referers if you get xss warnings in the UI – “referers_none=0”

2) Install squid3. I had to chown proxy:proxy on the cache dir I wanted and add it to the cache config. (not essential). Edit /etc/squid3/squid.conf

Now, restart (sudo service squid3 restart) or apply the config in webmin.

3) Test – you should get a squid3 access denied page when you use your keywords on the machines with the configured MAC addresses. If you have trouble, back things out and start to test one-by-one. Dont forget to add the proxy config to your browser, or the wifi connection in android (long press -> modify ->manual proxy config).

Firefox on mobile seems to have a hard limit on the number of URLs it will sync. So, I have to dedupe and test my thousands of bookmarks somehow. A previous Check Links plugin has stopped working, and with the move to WebExtensions probably won’t be updated again. Nothing else in the add-ons store seems to meet the bill so I am going to have write some code. Makes a welcome change from the day job….

The schema keeps changing it seems, and “tags” don’t seem to be in the tables any more (even tho they still exist) . I seem to have lots of triplicate entries in moz_bookmarks too. And Sqllite doesnt support sensitive type or concurrent connection types, so it looks like a case of going through each entry in moz_bookmarks (17000 odd), checking/pinging each URL, recording the id of each fail and then using a preparedStatement to delete these rows. Better make a backup first!

Not using port 80 on my install and want to change to another – eg 8888 – for https/ssl/tls access. Support forums say change $site[‘url’] in header.inc.php to https from http – but the port number is also hardcoded in the redirect url config where it sets the Location http header, further down the config file. So for now, I have changed this to also hardcode the port to 8888 instead of 80.

In any case the m3u file contained lots of links to IPTV stations that were no longer available of not responding anymore so I wrote an awk script to parse the m3u and based on an expression execute and action that was a system() call. AWK is a great tool to use search expressions and logic on records in files but is a PITA to debug – and my other attempts at using getline didnt help either. M3U files are a sequence of paired records which makes grep and shell scripting innappropriate I think (which I did try firstly) and awk seems a better way, even if it needs a bunch of calls out to another process/shell.